<?php
class Zend_Controller_Action_Helper_Acl extends Zend_Controller_Action_Helper_Abstract
{
	protected $_auth;
	protected $_acl;
	protected $_resource;
	
	public function __construct()
	{
		$this->_auth = Zend_Auth::getInstance();
		$this->_acl = new App_Access_Acl();
	}
	
	public function init()
	{
		$this->_resource = $this->getRequest()->getControllerName();
		if(!$this->_acl->has($this->_resource)){
			$this->_acl->addResource($this->_resource);
		}
	}
	public function preDispatch()
	{
		$role = 'guest';
		if($this->_auth->hasIdentity()){
			$role = $this->_auth->getIdentity()->status;
		}
		$request = $this->getRequest();
		$privilege = $request->getActionName();
		
		if(!$this->_acl->has($this->_resource)){
			$resource = null;
		}
		
		if(!$this->_acl->isAllowed($role, $this->_resource, $privilege)){
			$controller = $this->getActionController();
			$controller->getHelper('FlashMessenger')->addMessage('You need to log in to have access to this shit');
			$controller->getHelper('Redirector')->gotoSimple('fail', 'index', 'default');			
		}

	}
	public function allow($role = null, $privilege = null)
	{
		$this->_acl->allow($role, $this->_resource, $privilege);
		return $this;
	}
	public function deny($role = null, $privilege = null)
	{
		$this->_acl->deny($role, $this->_resource, $privilege);
		return $this;
	}
}